Bluetooth bugs bedevil billions of devices

Security experts have long complained that complexity is the enemy of security, but the designers of the Bluetooth specification have evidently failed to pay attention. Bluetooth is a wireless communication protocol for connecting devices over short ranges. It's used in mobile phones, wireless speakers, smartwatches, printers …

  1. oldtaku

    It just wasn't designed for this - it wasn't designed

    The problem is that Bluetooth just wasn't designed for anything nearly as complex as what it's doing. It was just supposed to be wireless RS-232 (serial port) for a single un-encrypted point to point audio link!

    Then, since it was there (oh hey, we've got a wireless data stream?), people just started cramming more and more 'features' and s@#$ into it. So it was never designed - it was accreted. Obviously parts were designed, but that's no substitute for a system vision. And once you get an industry consortium involved it just explodes in complexity as they all try to parasitically infect the standard with their own internal protocols / standards, and often succeed.

    Given all that it's stunningly, stupidly complex for no good reason. One of the worst protocols I ever had to work with and a security nightmare (because, like Flash, it wasn't designed with security in mind). There are tons more exploits lurking in the stacks.

    Why does everyone still use it? Because it's an existing cross-platform standard (chicken and egg), and it mostly works if you beat your head on it enough.

    1. inmypjs Silver badge

      Re: It just wasn't designed for this - it wasn't designed

      Bluetooth specifications may be crap but there is no way they mandate or force remote code execution vulnerabilities. Crap programmers produce those - same as ever.

      The real problem is there are billions of android devices which can be silently and wirelessly owned that are never going to get updates. I don't see why compromised devices can't own further android devices so we have security of billions of devices compromised and the mother of all bot-nets just waiting to be built.

      Is it not that serious? Is it not that easy to exploit?

      1. oldtaku

        Re: It just wasn't designed for this - it wasn't designed

        A mediocre (not bad, most are just mediocre) programmer can chug through a clean standard and implement it without doing too many bad things. But when you hit them with a terrible spec they just get completely frustrated and throw their hands up and do whatever just to make it 'work' because they're overwhelmed and confused. Can't get this to work properly? Let's just have it run arbitrary commands.

        I've seen this personally with things like people implementing the terrible (and terribly named) 'Simple' Network Management Protocol - mostly with the MIBs and lack of transaction support. These guys had produced decent SMTP code, but I just had to throw their SNMP code out.

        Obviously good programmers would do better, but even they make mistakes when the protocol is a nightmare. It's not the only factor, but it's one of the compounding factors.

  2. ElReg!comments!Pierre Silver badge

    Not terribly new

    Bluetooth's lack of security was never really a mystery even for the non-tech world. About 10 years ago in a Simpsons episode Lisa mocked Bart for playing super-secret agent with a bluetooth hands-free kit, the most vulnerable tech ever (or something to that effect).

    1. VinceH Silver badge

      Re: Not terribly new

      It's nice to have definite confirmation of something I've always just felt was the case. From the article:

      '"Just having Bluetooth on puts you at risk," said Izrael.'

      On every single Bluetooth-enabled device I've ever had, I've always made sure Bluetooth was firmly off for that very (felt, not known) reason.

      Just because you're paranoid, and all that... ;)


    have you seen wifi ?

    honestly yes there are going to be issues but from my point of view bluetooth does a good job

    I just wish people would use the standard profiles such as blood pressure monitor and location service rather than trying to come up with their own

    1. vtcodger Silver badge

      blood pressure monitor and location service?

      Used to determine where you left that damn Sphygmomanometer this time?

  4. ajft

    So how many automotive manufacturers over how many years have built vulnerable BT stacks into their cars? If you think getting old phones updated to be secure, try getting a firmware fix for a car!

    1. Solarflare

      Oh don't worry, a mischievous hacker might be able to get "Never gonna give you up" blasting out of your infotainment system, but I am sure the manufacturers made sure there was total separation from anything important from a motion or safety perspective...right?

  5. Alistair Silver badge

    I'm not sure what idiot suggested it or has implemented it (I've seen ads recently that indicate that it has been done) but apparently you can buy a bluetooth dongle to plug into your OBDII port so you can check your car with your phone....

  6. Nimby


    Actually, I'm a little surprised that anyone ever thought Bluetooth WAS secure.

    That aside, it's BT. It's short-range. Most attacks fail pretty badly just for that reason alone. (What are you doing in my house?! I'm haxoring your PlayStation. Nya!) (Dude, stop following me! You're creepy! But I'm totally pwning your iThing. Just let me creepily tail you for another minute...)

    So most hacks have to really really know you and super-secret James Bond you to even get at your gizmo without getting punched in the face. Which leaves most situations pretty secure because they are physically secure.

    And if that's not enough for you, then just turn BT off. That was easy. And it just added another hour or two to your battery life.


Biting the hand that feeds IT © 1998–2019